Disable the Stealth Mode in Windows Firewall

Hello,
is there any way to disable the Stealth mode "feature" in the Windows Vista
(Seven, Server 2008, Server 2008 R2)? Here
http://technet.microsoft.com/en-us/l...57(WS.10).aspx the MS says:
"Stealth mode is enabled by default", but nothing about disabling. This
behavior is against RFC and dramatically slows down security scanners
installed in our network. So, is there any way of using windows firewall and
being nice RFC compliant boy?

Thanks,
Glatz

Specifically which RFC? What kind of "security scanning" are you doing,
since it is *good* to have stealth mode active for security reasons.

"OgL" <o.glatz@pod.cvut.cz> wrote in message
news:A70E6DB0-5647-40E4-8C66-CEA91FAD533E@microsoft.com...
> Hello,
> is there any way to disable the Stealth mode "feature" in the Windows
> Vista (Seven, Server 2008, Server 2008 R2)? Here
> http://technet.microsoft.com/en-us/l...57(WS.10).aspx the MS
> says: "Stealth mode is enabled by default", but nothing about disabling.
> This behavior is against RFC and dramatically slows down security scanners
> installed in our network. So, is there any way of using windows firewall
> and being nice RFC compliant boy?
>
> Thanks,
> Glatz

> Specifically which RFC?
##############
RFC793 - Transmission Control Protocol
..
..
3.4. Establishing a connection
..
..
..
If the connection does not exist (CLOSED) then a reset is sent in response
to any incoming segment except another reset. In particular, SYNs addressed
to a non-existent connection are rejected by this means.
..
..
..
################
RFC792 INTERNET CONTROL MESSAGE PROTOCOL

If, in the destination host, the IP module cannot deliver the datagram
because the indicated protocol module or process port is not active, the
destination host may send a destination unreachable message to the source
host.
###############


> What kind of "security scanning" are you doing,
It doesn't matter (NESSUS).

> since it is *good* to have stealth mode active for security reasons.
I do not agree with that. But again, it does not matter. Simply, I want to
disable that "feature". The windows firewall is the only one I know, which
behave this way by default. When firewall is off, the windows machines act
as expected.

Glatz

On Fri, 27 Nov 2009 16:03:49 -0700, "Andy Medina"
<gmedina@email.arizona.edu> wrote:

>Specifically which RFC? What kind of "security scanning" are you doing,
>since it is *good* to have stealth mode active for security reasons.

The so called "Stealth mode" adds nothing in terms of security.

Hello OgL,

Not sure, but it sounds for me like the network discovery option which is
disabled by default:
http://windows.microsoft.com/en-US/w...work-discovery

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
> is there any way to disable the Stealth mode "feature" in the Windows
> Vista
> (Seven, Server 2008, Server 2008 R2)? Here
> http://technet.microsoft.com/en-us/l...57(WS.10).aspx the MS
> says:
> "Stealth mode is enabled by default", but nothing about disabling.
> This
> behavior is against RFC and dramatically slows down security scanners
> installed in our network. So, is there any way of using windows
> firewall and
> being nice RFC compliant boy?
> Thanks,
> Glatz

IMHO this option enables/disables using of LLTD protocol. Anyway, it is
turned on on my machine.

Thanks,
Glatz

"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:6cb2911da4958cc3e4fd6c36f5c@msnews.microsoft. com...
> Hello OgL,
>
> Not sure, but it sounds for me like the network discovery option which is
> disabled by default:
> http://windows.microsoft.com/en-US/w...work-discovery